Arbitrary File Read

python3.5 is vulnerable to arbitrary file read. Running pydoc -p allows other local users to extract arbitrary files. The /getfile?key=path URL allows to read arbitrary file on the file system...

PT-2003-2448 · Aol · Aol Instant Messenger

Name of the Vulnerable Software and Affected Versions: AOL Instant Messenger AIM version 5.2.3292 Description: The issue allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. This is a result of a buffer overflow. Recommendations: For AOL Instant...